From 8a5273d62a8785e6443aca11d6c06e5650884911 Mon Sep 17 00:00:00 2001 From: Mark Reynolds Date: Mon, 3 Jun 2013 17:17:24 -0400 Subject: [PATCH 89/99] Coverity Fixes (part 1) 11648 - string length miscalulation (ldclt.c) 11655 - unchecked return value (agtmmap.c) 11656 - unchecked return value (dblayer.c) 11657 - unchecked return value (daemon.c) 11658 - unchecked return value (daemon.c) 11660 - unchecked return value (log.c) 11661 - unchecked return value (main.c) 11662 - unchecked return value (ssl.c) 11668 - Same on both sides (repl5_protocol_util.c) 11669 - Same on both sides (ssl.c) 11670 - Same on both sides (util.c) 11673 - Copy-and-paste error (tools/rsearch/sdattable.c) https://bugzilla.redhat.com/show_bug.cgi?id=970221 Reviewed by: Noriko(Thanks!) (cherry picked from commit 2b5aecb77784a9cf68fe29204f15bd4b61159d6d) (cherry picked from commit f771f95f3f34442a9c238b687227d1d17a1015e7) --- .../plugins/replication/repl5_protocol_util.c | 2 +- ldap/servers/slapd/agtmmap.c | 69 +++++++++++----------- ldap/servers/slapd/back-ldbm/dblayer.c | 7 ++- ldap/servers/slapd/daemon.c | 29 +++++---- ldap/servers/slapd/log.c | 18 +++++- ldap/servers/slapd/main.c | 5 +- ldap/servers/slapd/ssl.c | 17 ++++-- ldap/servers/slapd/tools/ldclt/ldclt.c | 4 +- ldap/servers/slapd/tools/rsearch/sdattable.c | 2 +- ldap/servers/slapd/util.c | 2 +- 10 files changed, 98 insertions(+), 57 deletions(-) diff --git a/ldap/servers/plugins/replication/repl5_protocol_util.c b/ldap/servers/plugins/replication/repl5_protocol_util.c index 30d211a..4449170 100644 --- a/ldap/servers/plugins/replication/repl5_protocol_util.c +++ b/ldap/servers/plugins/replication/repl5_protocol_util.c @@ -603,7 +603,7 @@ release_replica(Private_Repl_Protocol *prp) struct berval *data = NULL; /* Check the message id's match */ - if (sent_message_id != sent_message_id) + if (sent_message_id != ret_message_id) { int operation, error; conn_get_error(prp->conn, &operation, &error); diff --git a/ldap/servers/slapd/agtmmap.c b/ldap/servers/slapd/agtmmap.c index d82da5f..f18138a 100644 --- a/ldap/servers/slapd/agtmmap.c +++ b/ldap/servers/slapd/agtmmap.c @@ -187,46 +187,49 @@ agt_mopen_stats (char * statsfile, int mode, int *hdl) if ( fd < 0 ) { - err = errno; + err = errno; #if (0) - fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__); + fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__); #endif - rc = err; - goto bail; - } + rc = err; + goto bail; + } - fstat (fd, &fileinfo); - - sz = sizeof (struct agt_stats_t); - - if (fileinfo.st_size < sz) - { - /* Without this we will get segv when we try to read/write later */ - buf = calloc (1, sz); - (void)write (fd, buf, sz); - free (buf); - } - - fp = mmap (NULL, sz, (PROT_READ | PROT_WRITE), MAP_SHARED, fd, 0); - - if (fp == (caddr_t) -1) - { - err = errno; - close (fd); + if(fstat (fd, &fileinfo) != 0){ + rc = errno; + goto bail; + } + + sz = sizeof (struct agt_stats_t); + + if (fileinfo.st_size < sz) + { + /* Without this we will get segv when we try to read/write later */ + buf = calloc (1, sz); + (void)write (fd, buf, sz); + free (buf); + } + + fp = mmap (NULL, sz, (PROT_READ | PROT_WRITE), MAP_SHARED, fd, 0); + + if (fp == (caddr_t) -1) + { + err = errno; + close (fd); #if (0) - fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__); + fprintf (stderr, "returning errno =%d from %s(line: %d)\n", err, __FILE__, __LINE__); #endif - rc = err; - goto bail; - } + rc = err; + goto bail; + } - mmap_tbl [1].maptype = AGT_MAP_RDWR; - mmap_tbl [1].fd = fd; - mmap_tbl [1].fp = fp; - *hdl = 1; + mmap_tbl [1].maptype = AGT_MAP_RDWR; + mmap_tbl [1].fd = fd; + mmap_tbl [1].fp = fp; + *hdl = 1; - rc = 0; - break; + rc = 0; + break; } /* end switch */ #else /* _WIN32 */ diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c b/ldap/servers/slapd/back-ldbm/dblayer.c index 8696834..960d99e 100644 --- a/ldap/servers/slapd/back-ldbm/dblayer.c +++ b/ldap/servers/slapd/back-ldbm/dblayer.c @@ -4478,7 +4478,12 @@ static int checkpoint_threadmain(void *param) "%s.old", *listp); checkpoint_debug_message(debug_checkpointing, "Renaming %s -> %s\n",*listp, new_filename, 0); - rename(*listp, new_filename); + if(rename(*listp, new_filename) != 0){ + LDAPDebug(LDAP_DEBUG_ANY, "checkpoint_threadmain: failed to rename log (%s) to (%s)\n", + *listp, new_filename, 0); + rval = -1; + goto error_return; + } } } slapi_ch_free((void**)&list); diff --git a/ldap/servers/slapd/daemon.c b/ldap/servers/slapd/daemon.c index 221b156..524a6aa 100644 --- a/ldap/servers/slapd/daemon.c +++ b/ldap/servers/slapd/daemon.c @@ -3384,8 +3384,14 @@ createsignalpipe( void ) } writesignalpipe = PR_FileDesc2NativeHandle(signalpipe[1]); readsignalpipe = PR_FileDesc2NativeHandle(signalpipe[0]); - fcntl(writesignalpipe, F_SETFD, O_NONBLOCK); - fcntl(readsignalpipe, F_SETFD, O_NONBLOCK); + if(fcntl(writesignalpipe, F_SETFD, O_NONBLOCK) == -1){ + LDAPDebug( LDAP_DEBUG_ANY,"createsignalpipe: failed to set FD for write pipe (%d).\n", + errno, 0, 0 ); + } + if(fcntl(readsignalpipe, F_SETFD, O_NONBLOCK) == -1){ + LDAPDebug( LDAP_DEBUG_ANY,"createsignalpipe: failed to set FD for read pipe (%d).\n", + errno, 0, 0); + } #endif return( 0 ); @@ -3605,7 +3611,7 @@ void configure_ns_socket( int * ns ) { int enable_nagle = config_get_nagle(); - int on; + int on, rc; #if defined(LINUX) /* On Linux we use TCP_CORK so we must enable nagle */ @@ -3615,19 +3621,18 @@ void configure_ns_socket( int * ns ) if ( have_send_timeouts ) { daemon_configure_send_timeout( *ns, config_get_ioblocktimeout() ); } - - + /* set the nagle */ if ( !enable_nagle ) { - on = 1; - setsockopt( *ns, IPPROTO_TCP, TCP_NODELAY, (char * ) &on, sizeof(on) ); + on = 1; } else { - on = 0; - setsockopt( *ns, IPPROTO_TCP, TCP_NODELAY, (char * ) &on, sizeof(on) ); - } /* else (!enable_nagle) */ - + on = 0; + } + /* check for errors */ + if((rc = setsockopt( *ns, IPPROTO_TCP, TCP_NODELAY, (char * ) &on, sizeof(on) ) != 0)){ + LDAPDebug( LDAP_DEBUG_ANY,"configure_ns_socket: Failed to configure socket (%d).\n", rc, 0, 0); + } return; - } diff --git a/ldap/servers/slapd/log.c b/ldap/servers/slapd/log.c index a765001..9b3f640 100644 --- a/ldap/servers/slapd/log.c +++ b/ldap/servers/slapd/log.c @@ -3789,6 +3789,9 @@ log__open_errorlogfile(int logfile_state, int locked) struct logfileinfo *logp; char buffer[BUFSIZ]; struct passwd *pw = NULL; +#ifndef _WIN32 + int rc = 0; +#endif slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); @@ -3886,7 +3889,20 @@ log__open_errorlogfile(int logfile_state, int locked) * alternate ns-slapd modes, such as db2bak, tries to log an error * at startup, it will create the logfile as root! */ - slapd_chown_if_not_owner(loginfo.log_error_file, pw->pw_uid, -1); + if((rc = slapd_chown_if_not_owner(loginfo.log_error_file, pw->pw_uid, -1)) != 0){ + PR_snprintf(buffer, sizeof(buffer), + "Failed to chown log file %s: error %d (%s); Exiting...", + loginfo.log_error_file, errno, slapd_system_strerror(errno)); + log__error_emergency(buffer, 1, locked); + if (!locked) LOG_ERROR_UNLOCK_WRITE(); + /* failed to write to the errors log. should not continue. */ + g_set_shutdown( SLAPI_SHUTDOWN_EXIT ); + /*if I have an old log file -- I should log a message + ** that I can't open the new file. Let the caller worry + ** about logging message. + */ + return LOG_UNABLE_TO_OPENFILE; + } #endif loginfo.log_error_fdes = fp; diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c index 84ce01d..9938c01 100644 --- a/ldap/servers/slapd/main.c +++ b/ldap/servers/slapd/main.c @@ -247,7 +247,10 @@ chown_dir_files(char *name, struct passwd *pw, PRBool strip_fn, PRBool both) while( (entry = PR_ReadDir(dir , PR_SKIP_BOTH )) !=NULL ) { PR_snprintf(file,MAXPATHLEN+1,"%s/%s",log,entry->name); - slapd_chown_if_not_owner( file, pw->pw_uid, both?pw->pw_gid:-1 ); + if((rc = slapd_chown_if_not_owner( file, pw->pw_uid, both?pw->pw_gid:-1 )) != 0){ + LDAPDebug(LDAP_DEBUG_ANY, "chown_dir_files: file (%s) chown failed (%d) %s.\n", + file, errno, slapd_system_strerror(errno)); + } } PR_CloseDir( dir ); } diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c index 0aab53d..f515b8e 100644 --- a/ldap/servers/slapd/ssl.c +++ b/ldap/servers/slapd/ssl.c @@ -360,7 +360,7 @@ _conf_setciphers(char *ciphers) if(t) ciphers = t; } - if (unsuplist && unsuplist) { + if (unsuplist && *unsuplist) { char *strsup = charray2str(suplist, ","); char *strunsup = charray2str(unsuplist, ","); slapd_SSL_warn("Security Initialization: FIPS mode is enabled - only the following " @@ -614,9 +614,18 @@ slapd_nss_init(int init_ssl, int config_available) certdb_file_name = slapi_ch_smprintf("%s/cert8.db", certdir); keydb_file_name = slapi_ch_smprintf("%s/key3.db", certdir); secmoddb_file_name = slapi_ch_smprintf("%s/secmod.db", certdir); - chmod(certdb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP ); - chmod(keydb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP ); - chmod(secmoddb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP ); + if(chmod(certdb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP )){ + LDAPDebug(LDAP_DEBUG_ANY, "slapd_nss_init: chmod failed for file %s error (%d) %s.\n", + certdb_file_name, errno, slapd_system_strerror(errno)); + } + if(chmod(keydb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP )){ + LDAPDebug(LDAP_DEBUG_ANY, "slapd_nss_init: chmod failed for file %s error (%d) %s.\n", + keydb_file_name, errno, slapd_system_strerror(errno)); + } + if(chmod(secmoddb_file_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP )){ + LDAPDebug(LDAP_DEBUG_ANY, "slapd_nss_init: chmod failed for file %s error (%d) %s.\n", + secmoddb_file_name, errno, slapd_system_strerror(errno)); + } } /****** end of NSS Initialization ******/ diff --git a/ldap/servers/slapd/tools/ldclt/ldclt.c b/ldap/servers/slapd/tools/ldclt/ldclt.c index 27a2412..2a45c76 100644 --- a/ldap/servers/slapd/tools/ldclt/ldclt.c +++ b/ldap/servers/slapd/tools/ldclt/ldclt.c @@ -1497,7 +1497,7 @@ basicInit (void) /* * Parse the deference attribute value */ - mctx.attRefDef= (char *)malloc(strlen(mctx.attrpl+i+1) + 1); + mctx.attRefDef= (char *)malloc(strlen(mctx.attrpl + i) + 2); if (mctx.attRefDef== NULL) { printf ("Error: unable to allocate memory for attRefDef\n"); return (-1); @@ -1525,7 +1525,7 @@ basicInit (void) /* * Parse the attribute value */ - mctx.attrplFile = (char *)malloc(strlen(mctx.attrpl+i+1) + 1); + mctx.attrplFile = (char *)malloc(strlen(mctx.attrpl+i) + 2); if (mctx.attrplFile == NULL) { printf ("Error: unable to allocate memory for attreplfile\n"); return (-1); diff --git a/ldap/servers/slapd/tools/rsearch/sdattable.c b/ldap/servers/slapd/tools/rsearch/sdattable.c index df1c152..c0274d0 100644 --- a/ldap/servers/slapd/tools/rsearch/sdattable.c +++ b/ldap/servers/slapd/tools/rsearch/sdattable.c @@ -183,7 +183,7 @@ int sdt_save(SDatTable *sdt, const char *filename) PR_Write(fd, sdt->dns[i], strlen(sdt->dns[i])); PR_Write(fd, "\n", 1); } - if (sdt->dns[i]) { + if (sdt->uids[i]) { PR_Write(fd, "uid: ", 5); PR_Write(fd, sdt->uids[i], strlen(sdt->uids[i])); PR_Write(fd, "\n", 1); diff --git a/ldap/servers/slapd/util.c b/ldap/servers/slapd/util.c index 649b3a9..0a9d23d 100644 --- a/ldap/servers/slapd/util.c +++ b/ldap/servers/slapd/util.c @@ -417,7 +417,7 @@ normalize_mods2bvals(const LDAPMod **mods) num_values++; } } else { - for (x = 0; mods[w]->mod_values[x] != NULL && + for (x = 0; mods[w]->mod_values != NULL && mods[w]->mod_values[x] != NULL; x++) { num_values++; -- 1.8.1.4